package com.example.cangzhou.interceptor;


import com.example.cangzhou.context.BaseContext;
import com.example.cangzhou.properties.JwtProperties;
import com.example.cangzhou.utils.JwtUtil;
import io.jsonwebtoken.Claims;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;

@Component
@Slf4j
public class JwtTokenAdminInterceptor implements HandlerInterceptor {

    @Autowired
    private JwtProperties jwtProperties;

    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {

        String uri = request.getRequestURI();
        // 判断当前拦截到的是Controller的方法还是其他资源；放行登录和注册
        if (!(handler instanceof HandlerMethod) || uri.contains("/login") || uri.contains("/register")) {
            return true;
        }

        // 1、从请求头中获取令牌
        String token = request.getHeader("token");
        if (token == null || token.isEmpty()) {
            token = request.getHeader("Authorization");
        }

        // 标准化 Authorization 头部，支持 "Bearer <token>"
        if (token != null && !token.isEmpty()) {
            if (token.startsWith("Bearer ")) {
                token = token.substring("Bearer ".length());
            }
            token = token.trim();
        }

        // 2、校验令牌
        try {
            log.info("jwt校验:{}", token);
            if (token == null || token.isEmpty()) {
                response.setStatus(401);
                return false;
            }
            Claims claims = JwtUtil.parseJWT(token);
            Long userId = Long.valueOf(claims.get("id").toString());
            log.info("当前用户id：{}", userId);
            BaseContext.setCurrentId(userId);
            // 3、通过，放行
            return true;
        } catch (Exception ex) {
            // 4、不通过，响应401状态码
            response.setStatus(401);
            return false;
        }
    }
}
